Just like the floppy disk during its heydays, the USB drive, commonly called the thumb drive or flash disk, is the preferred removable storage media due to its portability and data storage capacity. However, its popularity may prove to be useful for attackers as a propagation vector for malware and as a tool for breaching network security, although it may be coupled with a pinch of social engineering to achieve the desired effect.
Picture this: a fashionable-looking USB drive (with a casing in bright candy colors to easily attract people) is left in an often-accessed area in the office, say a lobby or a pantry. An employee notices the unattended device and when nobody’s looking, picks it up and plugs it in immediately in his workstation, hoping to find a ton of pictures having adult content. His prayers are answered and he does find a lot of adult-oriented images. But he gets more than he bargained for: when he plugged in the USB drive into his workstation, a worm residing in the storage device as a hidden file automatically triggered itself into action. Within mere seconds, the worm has used email to propagate itself and has dropped copies of itself in shared folders available in the corporate network. Furthermore, it has downloaded a copy of its backdoor counterpart from the Internet and has executed it as well, allowing remote attackers to access the corporate networkâ?¦
The scenario presented may likely happen in an environment with lax security. But even in an office where security is tight (for both software and physical), such a thing can happen if the people aren’t aware or informed.
Read more about social engineering and USB drives here.